From: Bruce Campbell
To: Bruce Campbell
Cc: freebsd-questions@freebsd.org
Date: Wed, 8 Oct 2003 08:55:20 -0400
Subject: Re: ipfw and divert and trying to do something clever (never mind)
Message-ID: <1065617720.3f84093834310@www.nexusmail.uwaterloo.ca>
In-Reply-To: <1065445822.3f8169be80fe3@www.nexusmail.uwaterloo.ca>

never mind. "ipfw fwd" does exactly what I am after, I misunderstood the command line.

Quoting Bruce Campbell:

>
> I have some machines behind a freebsd firewall, and I'm using ipfw.
>
> Presently, I reset attempts to smtp past the firewall:
>
> reset tcp from [subnet] to any 25
>
> but I'd like to divert them to my own smtp server, so it doesn't
> matter what the clients try to use.
>
> I thought this would be easy. Maybe it is.
>
> The "fwd" feature doesn't seem to do it, as it just forwards a
> specific ipaddr[,port] (no subnet/mask)
>
> "divert" looks like the way to do it, and after a few hours of
> fiddling with a program that opens a divert socket, I can watch
> all manner of traffic going back and forth, but each time
> I attempt to send it elsewhere, I get nowhere. I am duly
> setting both the ip and tcp checksum, before re-injection.
>
> Somebody else must have done this, and/or I must be doing it
> the wrong way.
>
> Any suggestions? Please e-mail me directly also as I am
> not on this list. A code snippet using divert would
> be excellent.
>
> --
> Bruce Campbell
> Engineering Computing
> CPH-2374B
> University of Waterloo
> (519)888-4567 ext 5889
>
> ----------------------------------------
> This mail sent through www.mywaterloo.ca
>

--
Bruce Campbell
Engineering Computing
CPH-2374B
University of Waterloo
(519)888-4567 ext 5889
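
The quoted message mentions setting both the IP and TCP checksum before re-injecting a diverted packet. As an added example (not code from the original thread), this C code shows that step in isolation: rewriting the destination of an IPv4/TCP packet buffer and recomputing both checksums. The function names, the relay address 10.0.0.5 and the sample packet are assumptions constructed for illustration; the divert socket I/O is not shown.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* RFC 1071 one's-complement sum over len bytes, added to a running sum. */
static uint32_t csum_add(uint32_t sum, const uint8_t *p, size_t len) {
    while (len > 1) { sum += (uint32_t)((p[0] << 8) | p[1]); p += 2; len -= 2; }
    if (len) sum += (uint32_t)(p[0] << 8);            /* pad an odd trailing byte */
    return sum;
}
static uint16_t csum_fold(uint32_t sum) {
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Rewrite dst IP/port in place and recompute both checksums; -1 if not unfragmented IPv4/TCP. */
int rewrite_dst(uint8_t *pkt, size_t len, const uint8_t new_ip[4], uint16_t new_port) {
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4, tot = (size_t)((pkt[2] << 8) | pkt[3]);
    if (ihl < 20 || tot > len || tot < ihl + 20 || pkt[9] != 6) return -1;
    if ((pkt[6] & 0x3f) || pkt[7]) return -1;   /* fragment: TCP checksum spans other packets */
    uint8_t *tcp = pkt + ihl;
    size_t tcplen = tot - ihl;
    memcpy(pkt + 16, new_ip, 4);
    put16(tcp + 2, new_port);
    put16(pkt + 10, 0);                         /* checksum field is zero while summing */
    put16(pkt + 10, csum_fold(csum_add(0, pkt, ihl)));
    put16(tcp + 16, 0);
    uint32_t sum = csum_add(0, pkt + 12, 8);    /* pseudo-header: src and new dst address */
    sum += 6 + (uint32_t)tcplen;                /* pseudo-header: protocol and TCP length */
    put16(tcp + 16, csum_fold(csum_add(sum, tcp, tcplen)));
    return 0;
}

/* Returns 1 if the IP header checksum and the TCP checksum both verify. */
int checksums_ok(const uint8_t *pkt, size_t len) {
    if (len < 20) return 0;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4, tot = (size_t)((pkt[2] << 8) | pkt[3]);
    if (ihl < 20 || tot > len || tot < ihl) return 0;
    uint32_t sum = csum_add(0, pkt + 12, 8) + 6 + (uint32_t)(tot - ihl);
    return csum_fold(csum_add(0, pkt, ihl)) == 0 &&
           csum_fold(csum_add(sum, pkt + ihl, tot - ihl)) == 0;
}

int main(void) {   /* constructed sample: SYN 192.168.1.10:40000 -> 203.0.113.25:25 */
    uint8_t pkt[40] = {0x45,0,0,40, 0x12,0x34,0x40,0, 64,6,0,0, 192,168,1,10, 203,0,113,25,
                       0x9c,0x40,0,25, 0,0,0,1, 0,0,0,0, 0x50,0x02,0xff,0xff, 0,0,0,0};
    const uint8_t relay[4] = {10, 0, 0, 5};     /* assumed internal mail relay */
    return !(rewrite_dst(pkt, sizeof pkt, relay, 25) == 0 && checksums_ok(pkt, sizeof pkt));
}
```

Correct checksums alone do not complete a redirect: replies from the relay carry its own source address, so the reverse rewrite has to be applied to the return traffic as well.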